Posted by msmash on Thursday May 24, 2018 @03:40PM
from the security-woes dept.

An anonymous reader writes: A bug in T-Mobile's website let anyone access the personal account details of any customer with just their cell phone number, ZDNet reported Thursday. The flaw, since fixed, could have been exploited by anyone who knew where to look -- a little-known T-Mobile subdomain that staff use as a customer care portal to access the company's internal tools. The subdomain -- promotool.t-mobile.com, which can be easily found on search engines -- contained a hidden API that would return T-Mobile customer data simply by adding the customer's cell phone number to the end of the web address.

Although the API is understood to be used by T-Mobile staff to look up account details, it wasn't protected with a password and could be easily used by anyone. The returned data included a customer's full name, postal address, billing account number, and in some cases information about tax identification numbers. The data also included customers' account information, such as if a bill is past-due or if the customer had their service suspended.

Posted by msmash on Thursday May 24, 2018 @03:00PM
from the for-the-record dept.

Criminals have stolen about $1.2 billion in cryptocurrencies since the beginning of 2017, as bitcoin's popularity and the emergence of more than 1,500 digital tokens have put the spotlight on the unregulated sector, according to estimates from the Anti-Phishing Working Group released on Thursday. From a report: The estimates were part of the non-profit group's research on cryptocurrency and include reported and unreported theft. "One problem that we're seeing in addition to the criminal activity like drug trafficking and money laundering using cryptocurrencies is the theft of these tokens by bad guys," Dave Jevans, chief executive officer of cryptocurrency security firm CipherTrace, told Reuters in an interview.

Posted by msmash on Thursday May 24, 2018 @02:20PM
from the apple-declined-to-comment dept.

In 2014, multiple users reported that their iPhone 6 and 6 Plus handsets were bending under pressure, such as when they were kept in a pocket. As a byproduct of this issue, the touchscreen's internal hardware was also susceptible to losing its connection to the phone's logic board. It turns out, Apple was aware that this could happen. Motherboard: Apple's internal tests found that the iPhone 6 and iPhone 6 Plus are significantly more likely to bend than the iPhone 5S, according to information made public in a recent court filing obtained by Motherboard. Publicly, Apple has never said that the phones have a bending problem, and maintains that position, despite these models commonly being plagued with "touch disease," a flaw that causes the touchscreen to work intermittently that the repair community say is a result of bending associated with normal use. The information is contained in internal Apple documents filed under seal in a class-action lawsuit that alleges Apple misled customers about touch disease. The documents remain under seal, but US District Court judge Lucy Koh made some of the information from them public in a recent opinion in the case. The company found that the iPhone 6 is 3.3 times more likely to bend than the iPhone 5s, and the iPhone 6 Plus is 7.2 times more likely to bend than the iPhone 5s, according to the documents. Koh wrote that "one of the major concerns Apple identified prior to launching the iPhones was that they were 'likely to bend more easily when compared to previous generations.'"

Reader rootmon writes: Our thoughts/prayers are with the family and friends of long time open source writer/journalist Robin "Roblimo" Miller who passed away this morning. Robin "Roblimo" Miller (born October 30, 1952) served as the Editor-in-Chief of Open Source Technology Group, the company which owned Slashdot, SourceForge.net, Freshmeat, Linux.com, NewsForge, and ThinkGeek between 2000 and 2008. Miller formerly owned Robin's Limousine, a small limo company based in Elkridge, Maryland, the origin of his online nickname. Miller is best known for his involvement with Slashdot, where he was not only the corporate editorial overseer but also Interview Editor.

As a freelancer, Miller wrote for a number of print and online publications including Time.com, Baltimore City Paper, American Medical News, Innkeeping World, Machine Design, The Baltimore Sun, and Rewired.com. Miller is the author of three books: The Online Rules of Successful Companies, Point -- Click Linux!, and Point -- Click OpenOffice.org, all published by Prentice Hall. His most recent ventures revolved around Internet-delivered video, including video software "tours" and tutorials on Linux.com and his recent "side" venture, Internet Video Promotion, Inc. Miller has been a judge for the Lulu Blooker Prize and is on the online advisory board of the Online Journalism Review of the Annenberg Center for Communication at the University of Southern California. (Biographical Info Quoted in Part from Wikipedia) Further reading: Linux Journal: RIP Robin "Roblimo" Miller.

Remembering Miller, ZDNet journalist S. Vaughan-Nichols wrote, "He was funny, bright, quick with a quip, caring, and wise. I, and many others who had the pleasure of knowing him, will miss him enormously." Paul Jones, Clinical Professor at the School of Information & Library Science, and Director of ibiblio.org, wrote, "Robin taught me many things, besides the immense gift of his friendship, including 'the way to make money on the internet is to take on more than you spend.' Both funny and accurate in context and very much true to roblimo." Writer and engineer Emmett Initiative said, "He was my editor, which means he was my best friend and worst enemy. He was a kind and thoughtful man that made every writer around him at least 300% better. I already miss him."

Posted by msmash on Thursday May 24, 2018 @01:20PM
from the marching-forward dept.

New Bedford hopes to soon be the operations center for the first major offshore wind farm in the United States, bringing billions of dollars of investment and thousands of jobs to the town and other ports on the East Coast. The New York Times: On Wednesday, that effort took a major step forward as the State of Massachusetts, after holding an auction, selected a group made up of a Danish investment firm and a Spanish utility to erect giant turbines on the ocean bottom, beginning about 15 miles off Martha's Vineyard. This initial project will generate 800 megawatts of electricity, roughly enough to power a half a million homes. At the same time, Rhode Island announced it would award a 400-megawatt offshore wind project to another bidder in the auction.

The groups must now work out the details of their contracts with the states' utilities. "We see this not just as a project but as the beginning of an industry," Lars Thaaning Pedersen, the chief executive of Vineyard Wind, which was awarded the Massachusetts contract, said in an interview. Offshore wind farms have increasingly become mainstream sources of power in Northern Europe, and are fast becoming among the cheapest sources of electricity in countries like Britain and Germany. Those power sources in those two countries already account for more than 12 gigawatts of electricity generation capacity.

Posted by msmash on Thursday May 24, 2018 @12:35PM
from the privacy-woes dept.

Gary Horcher, reporting for KIRO7: A Portland family contacted Amazon to investigate after they say a private conversation in their home was recorded by Amazon's Alexa -- the voice-controlled smart speaker -- and that the recorded audio was sent to the phone of a random person in Seattle, who was in the family's contact list. "My husband and I would joke and say I'd bet these devices are listening to what we're saying," said Danielle, who did not want us to use her last name. Every room in her family home was wired with the Amazon devices to control her home's heat, lights and security system. But Danielle said two weeks ago their love for Alexa changed with an alarming phone call. "The person on the other line said, 'unplug your Alexa devices right now,'" she said. '"You're being hacked.'" That person was one of her husband's employees, calling from Seattle. "We unplugged all of them and he proceeded to tell us that he had received audio files of recordings from inside our house," she said. "At first, my husband was, like, 'no you didn't!' And the (recipient of the message) said 'You sat there talking about hardwood floors.' And we said, 'oh gosh, you really did hear us.'" Danielle listened to the conversation when it was sent back to her, and she couldn't believe someone 176 miles away heard it too. In a statement, an Amazon spokesperson said, "Amazon takes privacy very seriously. We investigated what happened and determined this was an extremely rare occurrence. We are taking steps to avoid this from happening in the future."

Posted by msmash on Thursday May 24, 2018 @12:00PM
from the lost-and-found dept.

An anonymous reader shares a report: There are trillions of reasons for the world to prevent temperatures from rising more than 1.5C, the aspirational target laid out in the Paris climate agreement, according to a new study. If nations took the necessary actions to meet that goal, rather than the increasingly discussed 2C objective, there's a 60 percent chance it would save the world more than $20 trillion, according to new work published this week in Nature by scientists at Stanford. That figure is far higher than what most experts think it will cost to cut emissions enough to achieve the 1.5C target. Indeed, one study put the price tag in the hundreds of billions of dollars. If temperatures rise by 3C, it will knock out an additional 5 percent of GDP. That's the entire planet's GDP.

Posted by msmash on Thursday May 24, 2018 @11:20AM
from the new-offering dept.

"Adult entertainment" giant Pornhub is entering the busy virtual private network (VPN) space with the launch of its very own VPN service. From a report: Dubbed VPNhub, the new service is available for free via native apps on Android, iOS, MacOS, and Windows, though there is a premium subscription available that gets rid of the ads and promises faster speeds. In the U.S., this will cost between $12 and $14 per month, depending on the platform. VPNhub promises unlimited bandwidth, even on the free service, which is key given that Pornhub's core selling point is bandwidth-intensive video, while it offers around 1,000 servers across 15 countries. And it promises that it logs no user data.

Posted by msmash on Thursday May 24, 2018 @10:40AM
from the closer-look dept.

The Justice Department has opened a criminal probe into whether traders are manipulating the price of Bitcoin and other digital currencies, dramatically ratcheting up U.S. scrutiny of red-hot markets that critics say are rife with misconduct, Bloomberg reported Thursday, citing people familiar with the matter. From the report: The investigation is focused on illegal practices that can influence prices -- such as spoofing, or flooding the market with fake orders to trick other traders into buying or selling, said the people, who asked not to be identified because the review is private. Federal prosecutors are working with the Commodity Futures Trading Commission, a financial regulator that oversees derivatives tied to Bitcoin, the people said. Authorities worry that virtual currencies are susceptible to fraud for multiple reasons: skepticism that all exchanges are actively pursuing cheaters, wild price swings that could make it easy to push valuations around and a lack of regulations like the ones that govern stocks and other assets.

Posted by msmash on Thursday May 24, 2018 @10:07AM
from the breaking-news dept.

President Donald Trump has cancelled his much anticipated meeting with North Korean leader Kim Jong Un that was scheduled to take place in Singapore on June 12, he announced moments ago. In a letter to Kim, the president said: "I was very much looking forward to being there with you. Sadly, based on the tremendous anger and open hostility displayed in your most recent statement, I feel it is inappropriate, at this time, to have this long-planned meeting. Therefore, please let this letter serve to represent that the Singapore summit, for the good of both parties, but to the detriment of the world, will not take place." He added, "You talk about your nuclear capabilities, but ours are so massive and powerful that I pray to God they will never have to be used."

Posted by BeauHD on Thursday May 24, 2018 @09:00AM
from the don't-do-the-crime-if-you-can't-do-the-time dept.

bricko shares a report from Kansas: A federal grand jury has indicted the man accused in Wichita's fatal swatting as well as the two gamers involved in the video game dispute that prompted the false emergency call. The 29-page indictment was unsealed Wednesday in U.S. District Court for the District of Kansas. It charges 25-year-old Tyler Barriss, who is facing state court charges including involuntary manslaughter, with false information and hoaxes, cyberstalking, threatening to kill another or damage property by fire, interstate threats, conspiracy and several counts of wire fraud, according to federal court records. One of the gamers -- 18-year-old Casey S. Viner of North College Hill, Ohio -- is charged with several counts of wire fraud, conspiracy, obstruction of justice and conspiracy to obstruct justice. The other gamer -- 19-year-old Shane M. Gaskill of Wichita -- is charged with several counts of obstruction of justice, wire fraud and conspiracy to obstruct justice.

Posted by BeauHD on Thursday May 24, 2018 @06:00AM
from the bang-for-your-buck dept.

An anonymous reader quotes a report from AnandTech: Today Qualcomm announces a new entry to the Snapdragon lineup with the first 700-series SoC platform. The Snapdragon 710 is a direct successor to the Snapdragon 660 but comes with a new branding more worthy of the increased performance characteristics of the SoC. The big IP blocks found on the Snapdragon 710 are very much derivatives of what's found on the flagship Snapdragon 845. On the CPU side we see the same 2.2GHz maximum clock on the big cores, but the Kryo 360 Cortex A75 based CPUs are a microarchitectural upgrade over last year's A72 based Kryo 260. The little cores are also based on the newer Cortex A55's and are clocked at up to 1.7GHz. The performance improvements are quoted as an overall 20% uplift in SPECint2000 and 25% faster performance in Octane and Kraken versus the SD660. The SoC now also uses the new system cache first introduced in the Snapdragon 845 -- although I'm expecting a smaller, yet unconfirmed 1MB size in the SD710. The 700-series SoC platform sports the new 600 series Adreno GPUs. They have an expected frequency of around 750MHz and up to 35% higher performance versus the Adreno 512 in the SD660.

"In terms of connectivity the new SoC implements an X15 modem which is capable of UE Category 15 in the downstream with up to 800Mbps in 4x carrier aggregation and up to UE Category 7 in the upload with up to 2x CA and 256 QAM," reports AnandTech. "The new chipset now also offers 2x2 802.11ac digital backend for Wi-Fi -- however it'll still need an external discrete analog RF frontend."

Posted by BeauHD on Thursday May 24, 2018 @03:00AM
from the cheaper-by-the-dozen dept.

schwit1 shares a report from Ars Technica: Like United Launch Alliance, the [France-based] Ariane Group faces pricing pressure from SpaceX, which offers launch prices as low as $62 million for its Falcon 9 rocket. It has specifically developed the Ariane 6 rocket to compete with the Falcon 9 booster. But there are a couple of problems with this. Despite efforts to cut costs, the two variants of the Ariane 6 will still cost at least 25 percent more than SpaceX's present-day prices. Moreover, the Ariane 6 will not fly until 2020 at the earliest, by which time Falcon 9 could offer significantly cheaper prices on used Falcon 9 boosters if it needed to. (The Ariane 6 rocket is entirely expendable). With this background in mind, the chief executive of Ariane Group, Alain Charmeau, gave an interview to the German publication Der Spiegel. The interview was published in German, but a credible translation can be found here. During the interview, Charmeau expressed frustration with SpaceX and attributed its success to subsidized launches for the U.S. government.

When pressed on the price pressure that SpaceX has introduced into the launch market, Charmeau's central argument is that this has only been possible because, "SpaceX is charging the U.S. government 100 million dollar per launch, but launches for European customers are much cheaper." Essentially, he says, launches for the U.S. military and NASA are subsidizing SpaceX's commercial launch business. However, the pay-for-service prices that SpaceX offers to the U.S. Department of Defense for spy satellites and cargo and crew launches for NASA are below those of what other launch companies charge. And while $100 million or more for a military launch is significantly higher than a $62 million commercial launch, government contracts come with extra restrictions, reviews, and requirements that drive up this price.

Posted by BeauHD on Wednesday May 23, 2018 @11:30PM
from the motivated-by-money dept.

An anonymous reader quotes a report from Reuters: Providing free electronic cigarettes or other stop-smoking products to employees to get them to give up real cigarettes is less effective than the threat of taking away a cash reward for quitting, according to a new study that weighs the effectiveness of a variety of workplace incentive programs. The findings, published in The New England Journal of Medicine, call into question the claims by e-cigarette enthusiasts that the devices may be better than traditional quit aids at helping smokers to stop. The study is also significant because it may be the first to look at programs to get all smoking employees to quit, whether or not they've decided they want to do so. The results show that if the motivation isn't there, neither are the positive results. 9.5 percent of participants who got the free smoking cessation products plus a cash reward ($100 for the first month, an additional $200 at the three-month mark and $300 if they stayed smoke-free for six months) for staying away from tobacco quit.

Posted by BeauHD on Wednesday May 23, 2018 @10:05PM
from the pen-and-paper dept.

Apple has reportedly signed a deal with Volkswagen (Warning: source may be paywalled; alternative source) to turn some of the carmaker's new T6 Transporter vans into Apple's self-driving shuttles for employees. The deal comes after the tech giant failed to partner with luxury carmakers BMW and Mercedes-Benz to develop an all-electric self-driving car. "[T]alks with those companies have ended after each rebuffed Apple's requirements to hand over control of the data and design," reports The New York Times. From the report: Apple's deal with Volkswagen, which hasn't been previously reported, and the failure of its talks with other automakers reflect the continuing travails and diminished scope of the company's four-year-old car program. The project has suffered from repeated changes in direction that have hurt morale and led to hundreds of departures from its peak of more than 1,000 members two years ago, five former Apple employees said. They added that the team was now mostly consumed with developing the self-driving shuttle but the project lacks a clear plan beyond the vans.

Posted by BeauHD on Wednesday May 23, 2018 @09:25PM
from the target-acquired dept.

The Daily Beast reports that the FBI has seized control of a key server in the Kremlin's global botnet of 500,000 hacked routers. "The move positions the bureau to build a comprehensive list of victims of the attack, and short-circuits Moscow's ability to reinfect its targets," writes Kevin Poulsen. From the report: The FBI counter-operation goes after "VPN Filter," a piece of sophisticated malware linked to the same Russian hacking group, known as Fancy Bear, that breached the Democratic National Committee and the Hillary Clinton campaign during the 2016 election. On Wednesday security researchers at Cisco and Symantec separately provided new details on the malware, which has turned up in 54 countries including the United States.

VPN Filter uses known vulnerabilities to infect home office routers made by Linksys, MikroTik, NETGEAR, and TP-Link. Once in place, the malware reports back to a command-and-control infrastructure that can install purpose-built plug-ins, according to the researchers. One plug-in lets the hackers eavesdrop on the victim's Internet traffic to steal website credentials; another targets a protocol used in industrial control networks, such as those in the electric grid. A third lets the attacker cripple any or all of the infected devices at will.

Posted by BeauHD on Wednesday May 23, 2018 @08:45PM
from the too-good-to-be-true dept.

A couple months ago, Road to VR reported that Google and LG were planning to reveal the "world's highest-resolution OLED on-glass display" for virtual-reality headsets on May 22nd. Well, that day has arrived and the two companies unveiled that very display. Android Authority reports: As expected, the 4.3-inch OLED 18MP display has a resolution of 4,800 x 3,840. The display has a pixel density of 1,443PPI and a 120Hz refresh rate. Google and LG referred to it as the "world's highest-resolution OLED on-glass display." For comparison's sake, the HTC Vive has two 3.6-inch displays with resolutions of 1,200 x 1,080. The higher-end HTC Vive Pro has two 3.5-inch displays with resolutions of 1,600 x 1,440. The Vive Pro maxes out at 615PPI, making this new LG panel about 57% better than HTC's best offering. However, there's already one display that's better than anything on offer, and that's your own vision. A person with great vision sees in an estimated resolution of 9,600 x 9,000 with a PPI density of 2,183. In other words, this new display from Google and LG is about half as good as our own eyes. Unfortunately, there are no plans to use them in any consumer products yet. Google rep Carlin Verri told 9to5Google that the companies started this project to push the industry forward.

Posted by BeauHD on Wednesday May 23, 2018 @08:03PM
from the shrouded-in-secrecy dept.

An anonymous reader quotes a report from SFGate: The American Civil Liberties Union on Wednesday sued U.S. Immigration and Customs Enforcement for records about the agency's use of license plate reader technology, after ICE apparently failed to turn over records following multiple requests. In December, ICE purchased access to two databases of ALPR data, the complaint reads. One of those databases is managed by Vigilant Solutions, which has contracts with more than two dozen Bay Area law enforcement agencies. "We believe the other is managed by Thomson Reuters," ACLU lawyer Vasudha Talla said. The ACLU and other privacy advocates have expressed concern about how this data will be stored and used for civil immigration enforcement. The ACLU filed two requests under the Freedom of Information Act in March seeking records from ICE, including contracts, memos, associated communications, training materials and audit logs. Since then, ICE has not provided any records, the ACLU said in the complaint, which was filed Tuesday morning in the Northern District Court for the Northern District of California.
"The excessive collection and storing of this data in databases -- which is then pooled and shared nationally -- results in a systemic monitoring that chills the exercise of constitutional rights to free speech and association, as well as essential tasks such as driving to work, picking children up from school, and grocery shopping," the complaint said. "We have essentially two concerns: one that is general to ALPR databases, and one that's specific to this situation with ICE," Talla said. "The ACLU has done a lot of work around surveillance technology and ALPR, and we're generally concerned about the aggregation of all this data about license plates paired with a time and location, stretching back for so many months and years."

Posted by msmash on Wednesday May 23, 2018 @07:25PM
from the taking-a-stand dept.

53 piracy websites, including The Pirate Bay and KickassTorrents, have been blocked in Singapore following the most sweeping action taken by copyright holders in the country in more than a decade. From a report: A new wave of blocks announced this week are the country's most significant so far, with dozens of 'pirate' sites targeted following a successful application by the MPAA earlier this year. [...] "In Singapore, these sites are responsible for a major portion of copyright infringement of films and television shows," an MPAA spokesman told The Straits Times. "This action by rights owners is necessary to protect the creative industry, enabling creators to create and keep their jobs, protect their works, and ensure the continued provision of high-quality content to audiences."

Posted by BeauHD on Wednesday May 23, 2018 @06:45PM
from the bidding-war dept.

Comcast is reportedly preparing an offer to buy major portions of 21st Century Fox, which would give it majority control of Hulu and other media properties. Ars Technica reports: Walt Disney Company already has a $52.4 billion all-stock deal to buy the 21st Century Fox properties. But Comcast was rumored to be lining up $60 billion in financing in order to make a hostile bid for the Fox assets, and Comcast's announcement today confirms it. Comcast "is considering, and is in advanced stages of preparing, an offer for the businesses that Fox has agreed to sell to Disney," Comcast's announcement said. Comcast is working on the offer in preparation for shareholder meetings in which the Disney/Fox deal will be considered.

The Fox properties for sale do not include assets such as the Fox News Channel, Fox Business Network, and Fox Broadcasting Company. Those properties would be spun off into a company being referred to as "New Fox," and Comcast would acquire 21st Century Fox after the spinoff. The Fox sale to either Disney or Comcast would include 21st Century Fox's film and television studios; cable entertainment networks; the Fox Sports Regional Networks; and international properties including Star in India and Fox's 39-percent ownership of Sky across Europe. The sale would also include Fox's 30-percent stake in Hulu, the popular online video streaming service. Comcast already owns 30 percent of Hulu, so a deal with Fox would give the nation's largest cable company majority control over the online video provider.